PT-2005-1434 · Sun Microsystems+1 · Storedge Enterprise Backup+2
Publicado
2005-08-20
·
Atualizado
2017-07-11
·
CVE-2005-0358
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
EMC Legato NetWorker versions 6.0 and 6.1
Solstice Backup versions 6.0 and 6.1
StorEdge Enterprise Backup versions 6.0 through 7.2
Description
The issue allows remote attackers to gain privileges by modifying an authentication token due to improper verification of authentication tokens.
Recommendations
For EMC Legato NetWorker versions 6.0 and 6.1, update to a version that properly verifies authentication tokens.
For Solstice Backup versions 6.0 and 6.1, update to a version that properly verifies authentication tokens.
For StorEdge Enterprise Backup versions 6.0 through 7.2, update to a version that properly verifies authentication tokens.
As a temporary workaround, consider restricting access to authentication token modification until a patch is available.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Emc Legato Networker
Solstice Backup
Storedge Enterprise Backup